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(57) Abstract 

The invention provides an Internet communication 
system including a computer terminal, for each Internet- 
client, and a number of Internet WWW-servers adapted 
to be accessed by an Internet-client, said computer 
terminals being adapted for connection to the Internet 
and having a WWW-browser and a data modem for 
respectively accessing, and interfacing with, the WWW- 
servers, characterised in that the communication system 
includes security means, for said computer terminals and 
Internet-servers, to ensure that transactions between a 
WWW -server and an Interne t-client are secure. The 
security means including an Internet-client server for 
each computer terminal and means for endorsing each 
transactions with an electronic signature. The Internet- 
client server has WWW- functionalities and is adapted to 
link with the data modem and the transaction endorsement 
means. The security means may be adapted to encrypt 
and decrypt the transactions. The transaction endorsement 
means preferably includes a personalised smart card for 
each Internet-client. The smart card may be used to 
effect encryption and decryption, as well as providing an 
electronic signature for the transactions. 
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IMPROVEMENTS IN, OR RELATING TO, INTERNET COMMUNICATION 

SYSTEMS 

The invention relates to an Internet communication system, a secure computer 
terminal, an Internet WWW (World Wide Webserver for said system, and a method 
for the secure transmission of information data between an Internet WWW-server 
and a computer terminal. 

The nature, and implementation, of Internet technologies is well known to 
persons skilled in the art and, whilst the Internet can be attributed with a number of 
different qualities, security is not one of these attributes. As a consequence of this, 
use of the public network, provided by the Internet, is excluded for a wide range of 
applications, for example, business transactions, where security of information is of 
prime importance. 

There is, therefore, a requirement to be able to maintain security of the data 
traffic as it traverses those sections of the network to which the public has access. 

The Internet is, in essence, a global network of interconnected computer 
terminals, or networks, and comprises a number of separate interconnected networks 
which are owned and controlled by a number of organisations, for example, network 
operators, Internet service providers, businesses and universities. The World Wide 
Web (WWW), known as the 'Web', provides a relatively simple means of accessing, 
and navigating through the information data provided by Web sites and, in particular, 
WWW-servers, i.e. computers. WWW-servers can, in effect, be accessed by 
computer terminal users having the necessary authority from Web site operators, to; 
obtain information data, on any desired topic, stored by the servers. WWW-servers- 
respond to requests for information data, by sending out 'pages' of text, pictures and 
other information. The information data, comprising a 'page', are combined and 
displayed on the screen of a user's computer terminal. Web browsers are used to 
allow access to information held on the Web site servers. In fact, Web-browser 
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software sends out the requests for 'pages' to Web-servers. The universal language 
of the Internet is HyperTextMarkup Language (HTML) which is a page description 
language used on WWW. The storage of information data on a Web site server, i.e. 
as as 'pages', is effected using HTML and Web site tempiates. 

5 • It is an object of the present invention to provide an Internet communication 

system for effecting secure transmission of information data between an Internet 

?. 

WWW-server and a computer terminal. 

It is another object of the present invention to provide a secure computer 
10 terminal for use by internet-clients. 

It is another object of the present invention to provide a secure Internet 
WWW-server for use by internet-clients. 

It is a further object of the present invention to provide a method for the secure 
transmission of information data between an internet WWW-server and a computer 
15 terminal. 

The present invention provides an Internet communication system including 
a computer terminal, for each Intemet-ciient, and a number of internet WWW-servers 
adapted to be accessed by an Internet-client, said computer terminals being adapted 

20 for connection to the Internet and having a WWW-browser and a data modem for 
respectively accessing, and interfacing with, the WWW-servers, characterised in that 
the communication system includes security means, for said computer terminals and 
internet-servers, to ensure that transactions between a WWW-server and an 
Intemet-ciient are secure, said security means including an Internet-client server for 

25 each computer terminal and means for endorsing each transactions with an electronic 
signature, and in that said Internet-client server has WWW-functionalities and is 
adapted to link with said data modem and said transaction endorsement means. The 
security means may be adapted to encrypt and decrypt said transactions. 
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The transaction endorsement means may include a personalised smart card 
for each Internet client, in which case, the computer terminals will each include a 
smart card reader connected to a communication port of a respective computer 
terminal. The encryption and decryption may be effected by the smart cards. 

5 • On the server side of the system, the security means may be arranged behind 

each of said Internet WWW-servers and adapted to verify said electronic signature. 
The Internet WWW-server security means are adapted to encrypt and decrypt 
information. The security means may be arranged behind each of said Internet 
WVWV-servers and use cgi-script and WWW-compatible software. 

10 The system, of the present invention, may include, for each Internet WWW- 

server, a storage system for storing verified secure transactions, each of said storage 
systems being connected to a respective Internet WWW-server. The system may 
also include a router for each Internet WWW-server, said router being adapted to 
connect a respective Internet WWW-server to the Internet. 

1 5 The security means may embody conventional WWW-technology, the use of 

such technology making the security function transparent. 

The system may include means for saving said electronic signature for 
subsequent use. 



The present invention further provides a secure computer terminal for an 
Internet-client, said terminal being adapted for connection to the Internet and having 
a WWW-browser and a data modem for respectively accessing, and interfacing with', 
WWW-servers on the Internet, characterised in that said computer terminal includes' 
security means for ensuring that transactions conducted with a WWW-server are 
secure, said security means including an Internet-client server and means for 
endorsing each transaction with an electronic signature, and in that said Internet- 
client server has WWW-functionalities and is adapted to link with said data modem 
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and said transaction endorsement means. 

The secunty means may be adapted to encrypt and decrypt said transactions 
and the transaction endorsement means may include a personalised smart card for 
a user of said terminal. With this arrangement, the terminal will include a smart card 
reader connected to a communication port of the computer terminal. The encryption 
and;decryption may be effected by the smart card. 

The security means may embody conventional WWW-technology, the use of 
such technology making the secunty function transparent. 

The present invention further provides a secure Internet WWW-server, said 
server being adapted to communicate with a secure computer terminal as outlined in 
preceding paragraphs, characterised in that said Internet WWW-server includes 
server secunty means to ensure that transactions conducted with said computer 
terminal are secure, and in that said server security means are arranged behind said 
Internet WWW-server and adapted to verify said electronic signature. The server 
secunty means which may be adapted to encrypt and decrypt information and which 
may be arranged behind said WWW-servers as cgi-script and WWW-compatible 
software, may embody conventional WWW-technology. The use of conventional 
WWW-technology makes the server security function transparent. 

The present invention further provides, in an Internet communication system 
including a computer terminal, for each Internet-client, and a number of Internet 
WWW-servers adapted to be accessed by an Internet-client, said computer terminals, 
being adapted for connection to the internet and having a WWW-browser and a data : 
modem for respectively accessing, and interfacing with, the WWW-servers, a method 
for the secure transmission of information data between said Internet WWW-server 
and said computer terminals, characterised by the steps of: 

storing said information data on an intermediate Internet-client server, local to 
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said computer terminal and having WWW-functionaiities; 

endorsing said information data with an electronic signature; 

transmitting the endorsed information data to said internet WWW-server; and 

on receipt of said endorsed information data by said Internet WWW-server, 
5 f; verifying the electronic signature. 

The method may include the steps of: 

encrypting said endorsed information data prior to transmission to said Internet 
WWW-server; and 

on receipt of said encrypted information data by said Internet WWW-server, 
10 decrypting the information date. 

The method may also include the steps of: 

encrypting information data prior to transmission from an Internet WWW- 
server to a computer terminal; and 

on receipt of encrypted information data by said computer terminal, decrypting 
15 the information data.. 

The method may include the step of storing said electronic signature for 
subsequent identification of the originator of a transaction. 1 

The method step of endorsing said information data with an electronic 
20 signature may be effected using a personalised smart card and the personalised 
smart card may be used to'encrypt and decrypt information data. 
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The information data may be in page-form, the language of said page-form 
data may be HTML and the page may comprise either separately, or in any 
combination, text, graphics, pictures, photographs, and fields for entry .of information. 

Furthermore, the page may be finked to other pages on the same, or other, 
5 Internet WWW-servers. 

■ When the page is a form having fields for entry of information, the method may 
include the steps of obtained said form from an Internet WWW-server; completing 
said form by entering information in said fields; transferring said completed form to 
said local intermediate server; endorsing said completed form with an electronic 
0 signature; transmitting the endorsed form from said locai intermediate server to said 
Internet WWW-server; and, on receipt of said endorsed form by said Internet WWW- 
server, verifying the electronic signature. The endorsed form may be encrypted pnor 
to transmission to said Internet WWW-server. 

The form may be obtained from an Internet WWW-server, www.xxx.se, and 
5 may, for example, contains the following text: 

<form method = "post" action = "http://locathost/cgi-wjn/a_script"> 

<input type = "hidden" name - "data" vaiue = "<data to be signed>"> 

<input type = "hidden" name = "ur!" vaiue ="http: //www. xxx.se/cgi bin/any_scnpt"> 

<input type = "submit" value = "Sign"> </form> 

!0 and method may, in these circumstances, includes the steps of producing an 
electronic signature on said form, an "a_script" on said local intermediate server ■ 
being, used to effect the signing function; and returning said form to said internet 
WWW-server, said form containing, inter alia: 

<form method = "post" action = "http:/wvvw.xxx.se/cgi-bin/any_script M > <input type = "hidden'* 
■5 name = "data" vaiue = "<data which has been signed>"> 

<input type = "hidden" name = "signinfo" value - ,: <the electronic signature of the data>"> 
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<input type = "submit" value = "Transmit 1 ^ </form>. 

The present invention further provides a communication system operating in 
accordance with a method, as claimed outlined in preceding paragraphs, for the 
secure transmission of information data between an Internet WWW-server and an 
5 Internet-client. 

The present invention further provides an Internet communication system 
including a secure computer terminal, as outlined in preceding paragraphs, for each 
Internet-client, and a plurality of Internet WWW-servers, as. outlined in preceding 
paragraphs. 

0 

The foregoing and other features according to the present invention will be 
better understood from the following description, with reference to the accompanying 
drawings, in which: 

Figure 1 diagrammaticaily illustrates part of an Internet communication system, 
5 according to the present invention, including a secure computer terminal for 

use by Internet-clients. 

Figure 2 diagrammaticaily illustrates another part of an Internet communication 
system, according to the present invention, including a secure Internet WWW- 
server for use by Internet-clients. 

0 It will be seen from the following description that an Internet communication 

system, according to the present invention, provides a more secure arrangement for 
transactions between an Internet WWW-server and an Internet-client, i.e. the systern! 
will facilitate the transmission of information data throughout the essentially public' 
network of the internet, without the information data being manipulated. 

5 Known Internet communication networks include, in essence, a computer 
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terminal, for each Internet-client, and a number of Internet WWW-servers adapted 
to be accessed by an Internet-client. The computer terminals are adapted for 
connection to the internet, i.e. have the necessary software and authority for access 
to the Internet WWW-servers, and having a WWW-browser and a data modem for 
respectively accessing, and interfacing with, the WWW-servers. 

In accordance with the present invention, such a system also includes security 
means, for the computer terminals and Internet-servers, which are adapted to ensure 
that transactions between a WWW-server and an Internet-client are secure. 

As can be seen from Figure 1 of the accompanying drawings, a secure 
computer terminal, according to the present invention, includes a computer terminal 
1. for example, a personal computer, having a modem 2 for connecting the computer 
terminal 1 to a pubfic telephone line and thence to the Internet 3, a security module 
4, including an Internet-client server 5, for the computer terminal 1, a unit 6, for 
example, a smart card reader, to provide the means for endorsing each transaction 
with an electronic signature. 

The internet-client server 5 has WWW-functionaiities and is adapted to link 
with the data modem 2 and the unit 6. 

The data modem 2 may, in practice, be integral with, or external to, the 
computer terminal 1 . and is adapted to send and receive information data for a range 
of applications, including facsimile and e-mail. In any event, the data modem 2 is 
connected to a communications port of the computer terminal 1 . 

The required software for the facsimile and e-mail functions is stored on the 
computer terminal 1 and includes a conventional WWW-browser for obtaining access 
to the Internet. 

Since the Internet is a public network, there is clearly a requirement to be able 
to effect transactions via the internet in a secure manner, i.e. the transmission and 
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receipt of confidential information data via the modem 2. In accordance with the 
present invention, this is preferably achieved by the use of a personal smart card 
which holds the personal and secunty data of the card-holder and allows him, or her, 
to be identified. Thus, the use of a smart card, in association with a smart card 
5 reader 6, will enable each transaction to be signed, electronically, and, where 
■ necessary, encrypted in a manner whereby the transaction can be forwarded through 
different networks without risk of manipulation by third parties. In order to be able to 
identify, at a later date, the identity of the person who initiated the transaction, the 
electronic signature may be saved and recovered as. and when, required. 

10 The security function of the present invention can, therefore, be effected 

through use of a conventional WWW-browser, together with functions for, inter alia, 
encryption and the handling of smart cards. 

The smart card may use asymmetric coding, including public cypher 
encryption, for effecting the electronic signature and, where necessary, encoding and 
15 decoding. 

Thus, in accordance with the present invention, secure transactions can be 
effected on the Internet using the secunty module 4 and associated WWW-server 5. 
The module 4 and WWW-server 5 are, therefore, installed on the computer terminal 
1 for performing the secunty functions referred to above. The WWW-server, forming 

20 part of the security module 4, is an extremely small WWW-server, of conventional 
type, which has the functionality to sign, encrypt and decrypt information data. 
Communication with the smart card reader 6 is handled by the security functions of 
the module 4 and, to facilitate this, the smart card reader 4 is connected to a 
communications port of the computer terminal 1. S 

25 5 

The security module 4 uses conventional WWW-technology and, as a 
consequence of this, the security-application becomes transparent (i.e. because 
WWW-technology is used for both the security module and the remainder of the 

- 9- 



SUBSTTTUTE SHEET (RULE 26) 



WO 97/5€207 



PCT/SE97/00849 



system) and can be generalised to match many different sen/ices. 

It will be seen from Figure 2 of the accompanying drawings that, on the server 
side of the present invention, a security module 7 is arranged behind a WWW-server 
8, and uses cgi-script and conventional software programs, as is normally the case 
h connection with the WWW. This security module is responsible for: 

verification of electronic signatures; 

encryption of information; and 

decryption of information. 

As shown in Figure 2, the WWW-server 8 is connected to the Internet 3, via 
a router 9, and can, for example, in the case of a bank, be connected to a back-end 
system 10 to which accepted transactions would be transmitted and stored. 

In essence, the WWW will function, under normal circumstances, in the 
following manner: 

a WWW-client, for example, Netscape, contacts (as a result of an action/ for 
instance a click with an electronic mouse, by a user of the computer terminal 
1) a WWW-server, somewhere in the world, and requests the return of a 
certain 'page', stored on the WWW-server; the requested 'page' may consist 
of text, graphics, pictures, photographs, and fields for entry of information, 
etc., but also of links to 'pages' on the same and/or other Web site servers - 
there may, in fact, be many "pages' that bring together links to all Web-site 
relating to a particular topic; and 

when the 'page 1 consists of a number of fields for entry of information, i.e. the 
page is a form requiring completion by a recipient, the request, referred to in 
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(a) above, from the client consists of the completed form; this form is treated 
on the server-side and, as a result, a new page is returned. 

In accordance with the present invention, use is made of conventional WWW- 
mechanisms, for example, a form is obtained from an external server but, instead of 
5 transmitting the completed form directly back to the external server, the form makes 
an ''intermediate landing' on the WWW-server of the local computer terminal 1, i.e the 
server 5. The server 5 attends to the signing, and possibly also encryption, of the 
information, in a manner as outlined above, and, on completion of this process, the 
form, or 'page', is returned to the WWW-ciient. The form will not be transmitted to 
10 the external server until the user requests such transmission. 

As stated above, data which is to be made available on the Internet must be 
transferred and, if necessary, translated into HTML documents, i.e. the universal 
language of the Internet. 

The method used for writing on a HTML-page is outlined below, in relation to 

15 the: 

recovery of information data from a 'page', or more particularly, from a WWW- 
form; and 

application of an electronic signature to the information data to facilitate the 
secure transmission of the information data through the various public 
20 networks. 

In accordance with the present invention, a small local WWW-server 5 "(si 
installed on the computer terminal 1 and the conventional WWW-procedures for 
handling forms are then used, in a manner known to persons skilled in the art, to 
effect the process. In other words, in accordance with normal procedures for forms, 
25 a cgi-script is called on the local server with data to which an electronic signature is 
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0 



to be applied, i.e. from the server www.xxx.se comes (as a result of a previous form) 
a 'page' which contains, for example: 

<form method = "post" action = "http://localhost/cgi-win/a_scripr> 

<input type = "hidden" name = "data" value = "<data to be signed>"> 

<input type = "hidden" name = "url" vaiue ="http://www. xxx.se/cgi bin/any_script"> 

<input type = "submit" value = "Sign"> </form>, 

"ajscnpt" on the local server (local host) making use of the signing function to 
produce an electronic signature to the data and then returns a page which, among 
other things, contains: 

<form method = "post" act,on = "http:ywww.xxx.se/cgi.bin/any_scr.pr> <,n P ut type = "hidden- 
name = "data" value = "<data which has been signed>"> 

<in P ut type = "hidden" name = "signmfo" vaiue =» <the electronic signature of the data>"> 
<input type = "submit" value = "Transmit"* </form> 

Since the security function of the present invention is based on conventional 
WWW-technology, it is independent of which browser is used and wh>ch server is 
used, i.e. no interference is necessary either in a browser, or in a server, in respect 
of which the security function is used. In addition, the security function of the present 
invention is relatively easy to adapt to different levels of secunty and to new 
technologies. This makes the present invention very flexible and cost effective in that 
it can be readily adapted to meet specific security requirements which may be 
demanded by a user and/or service provider. 

It will be directly evident from the foregoing that the present invention can be . 
used in many applications, where security of information is of prime importance, for' 
example, to: 

perform business transactions, such as, bank transactions, or the purchase 
of goods; 
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indicate authority for performing actions, such as, fogging on to a system, or 
obtaining access to certain information; 

encrypt information which shall be transmitted over the WWW; and 

decrypt information which has been, published encrypted on the WWW. 

In addition, the use of the security function of the present invention gives rise 
to the following advantages: 

use of conventional WWW-technologies; this means that services which are 
developed on. this medium are placed on the server-side and become 
accessible to everybody without any distribution problems - ail logic in the 
service itself is on the server-side; 

no dependence on which browser, or server, is used; - 

no interference necessary with either the browser, or the server; 

relatively inexpensive; and 

flexible, in that it can be adapted to meet different levels of security, the use 
of a smart card representing the highest level of security. 

The solution to the Internet security problems, presented by the present 
invention, can be effected using all Windows-platforms, (3.x, Win95, NT). Howeven,' 
the invention could be adapted for use on other platforms, such as. UNIX, or the 
Macintosh-platform, by suitably adjusting the porting arrangements. 
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CLAIMS 

1. An Internet communication system including a computer terminal, for each 
internet-client, and a number of Internet WWW-servers adapted to be accessed by 
an Internet-client, said computer terminals being adapted for connection to the 
Internet and having a VWWV-browser and a data modem for respectively accessing, 
and interfacing with, the WWW-servers, characterised in that the communication 
system includes security means, for said computer terminals and Internet-servers, to 
ensure that transactions between a WWW-server and an Internet-client are secure, 
said security means including an Internet-client server for each computer terminal and 
means for endorsing each transactions with an electronic signature, and in that said 
internet-client server has WWW-functionalities and is adapted to link with said data 
modem and said transaction endorsement means. 



2. A system as claimed in claim 1 , characterised in that said security means are 
adapted to encrypt and decrypt said transactions. 

3. A system as claimed in claim 1, or claim 2, characterised in that said 
transaction endorsement means includes a personalised smart card for each Internet 
client, and in that said computer terminals each include a smart card reader 
connected to a communication port of a respective computer terminal. 

4. A system as claimed in claim 3, when appended to claim 2, characterised in 
that said encryption and decryption is effected by said smart cards. 

5. A system as claimed in any one of the preceding claims, characterised in that 
said security means are arranged behind each of said Internet WWW-servers and ! 
are adapted to verify said electronic signature. 

6. A sysiem as claimed in claim 5, characterised in that said Internet WWW- 
server security means are adapted to encrypt and decrypt information. 
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7. A system as claimed in claim 5, or claim 6 ; characterised in that said security 
means are arranged behind each of said internet WWW-servers and uses cgi-script 
and WWW-compatible software. 

8. A system as ciaimed in any of claims 5 to 7, characterised in that said system 
5 includes, for each Internet WWW-server, a storage system for storing verified secure 

transactions, each of said storage systems being connected to a respective Internet 
WWW-server. 

9. A system as ciaimed in any of claims 5 to 8, characterised in that said system 
includes a router for each Internet WWW-server, said router being adapted to 

10 connect a respective internet WWW-server to the Internet. 

10. A system as ciaimed in any one of the preceding claims, characterised in that 
said security means embody conventional WWW-technology. 

11. A system as ciaimed in claim 10, characterised in that use of conventional 
WWW-technology makes the security function transparent. 

15 12. A system as claimed in any one of the preceding claims, characterised in that 
said system includes means for saving said electronic signature for subsequent use. 

13. A secure computer terminal for an Internet-client, said terminal being adapted 
for connection to the Internet and having a WWW-browser and a data modem for 
respectively accessing, and interfacing with, WWW-servers on the internet, 

20 characterised in that said computer terminal includes security means for ensuring that 
transactions conducted with a WWW-server are secure, said security means ! 
including an internet-client server and means for endorsing each transaction with an 
electronic signature, and in that said Internet-client server has WWW-functionalities 
and is adapted to link with said data modem and said transaction endorsement 

25 means. 
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14. A terminal as claimed in claim 13, characterised in that said security means 
are adapted to encrypt and decrypt said transactions. 

15. A terminal as claimed in claim 13, or claim 14, characterised in that said 
transaction endorsement means includes a personalised smart card for a user of said 
terminal, and in that said terminal includes a smart card reader, said reader being 
connected to a communication port of said terminal. 

16. A terminal as claimed in claim 15, when appended to claim 14, characterised 
in that said encryption and decryption is effected by said smart card. 

17. A terminal as claimed in any one of claims 13 to 16, characterised in that said 
security means embody conventional WWW-technology. 

18. A terminal as claimed in claim 17, characterised in that use of conventional 
WWW-technology makes the security function transparent. 

19. A secure Internet WWW-server, said server being adapted to communicate 
with a secure computer terminal as claimed in any one of the claims 13 to 18, 
characterised in that said Internet WWW-server includes server security means to 
ensure that transactions conducted with said computer terminal are secure, and in 
that said server security means are arranged behind said Internet WWW-server and 
adapted to verify said electronic signature. 

20. A WWW-server as claimed in claim 19, characterised in that said server 
security means are adapted to encrypt and decrypt information. 

21 . A WWW-server as claimed in claim 1 9, or claim 20, characterised in that said 
server security means are arranged behind said WWW-servers as cgi-script and 
WWW-compatible software. 
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22, A WWW-server as claimed in any one of claims 19 to 21, characterised in that 
said server security means embody conventional WWW-technology. 

23. A WWW-server as claimed in claim 22, characterised in that use of 
conventional WWW-technology makes the server security function transparent. 

5 24. In an Internet communication system including a computer terminal, for each 
Internet-client, and a number of Internet WWW-servers adapted to be accessed by 
an Internet-client, said computer terminals being adapted for connection to the 
Internet and having a WWW-browser and a data modem for respectively accessing, 
and interfacing with, the WWW-servers, a method for the secure transmission of 
10 information data between said Internet WWW-server and said computer terminals, 
characterised by the steps of: 

storing said information data on an intermediate Internet-ciient server, local to 
said computer terminal and having WWW-functionalities; 

endorsing said information data with an electronic signature; 

15 - transmitting the endorsed information data to said Internet WWW-server; and 

on receipt of said endorsed information data by said Internet WWW-server, 
verifying the electronic signature. 

25. A method as claimed in claim 24, characterised by the steps of: 

encrypting said endorsed information data prior to transmission to said Internet 
20 WWW-server; and 

on receipt of said encrypted information data by said Internet WWW-server, 
decrypting the information date. 
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26. A method as cfaimed in claim 24, or claim 25, characterised by the steps of: 

encrypting information data prior to transmission from an Internet WWW- 
server to a computer terminal; and 

on receipt of encrypted information data by said computer terminal, decryptina 
5 f the information data. 

27. A method as claimed in any one of the claims 24 to 26, characterised by the 
step of storing said electronic signature for subsequent identification of the originator 
of a transaction. 

10 28. A method as claimed in any one of claims 24 to 27, characterised in that the 
step of endorsing said information data with an electronic signature is effected using 
a personalised smart card. 

29. A method as claimed in claim 28, characterised in that said personalised smart 
card is used to encrypt and decrypt information data. 

15 30. A method as claimed in any one of the claims 24 to 29, characterised in that 
said information data is in page-form, the language of said page-form data being 
HTML. 

31 . A method as claimed in claim 30, characterised in that said page consist of any 
one, or more, of the following: 

20 - text; 

graphics; 

pictures; 
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photographs; and ■ 

fields for entry of information. 

32. A method as claimed in claim 30, characterised in that said page is linked to 
other pages on the same, or other, Internet WWW-servers. 

i 

33; a method as claimed in claim 31, characterised in that said page is a form 
having fields for entry of information, and in that the method includes the steps of: 

obtained said form from an Internet WWW-server; 

completing said form by entering information in said fields; 

transferring said completed form to said local intermediate server; 

endorsing said completed form with an electronic signature; 

transmitting the endorsed form from said local intermediate server to said 
Internet WWW-server; and 

on receipt of said endorsed form by said Internet WWW-server, verifying the 
electronic signature. 

34. A method as claimed in ciaim 33, characterised in that said endorsed form is 
encrypted prior to transmission to said Internet WWW-server. 

i 

35. A method as claimed in claim 33, or claim 34, characterised in that said form 
is obtained from an Internet WWW-server, www.xxx.se, and contains the following 
text: 
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<form method = "post" action = "http://locafhost/cgi-win/a_script"> 

<input type = "hidden" name = "data" value = "<data to be signed>"> 

<input type = "hidden" name = "uri" value - 'http://www.xxx.se/cgi bin/any_script"> 

<input type = "submit" vaiue = "Sign"> </form> 

5 and in that said method includes the steps of: 

I producing an electronic signature on said form, an "adscript" on said local 
■ intermediate server being used to effect the signing function; and 

returning said form to said Internet WWW-server, said form containing, inter 
alia: 

10 <form method = "post" action = "http:/www. xxx.se/cgi-bin/any_script"> <input type = "hidden" 

name = "data" value = M <data which has been signed> H > 

<input type = "hidden" name = "srgninfo" vaiue =" <the electronic signature of the data>"> 
<input type = "submit" value = "Transmit"> </form> 

36. A communication system operating in accordance with a method, as claimed 
15 m any one of the claims 24 to 35, for the secure transmission of information data 

between an Internet WWW-server and an Internet-client. 

37. An internet communication system including a secure computer terminal, as 
claimed in any of claims 13 to 18, for each internet-client, and a plurality of Internet 
WWW-servers, as claimed in any of claims 19 to 23. 

20 
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